package com.gitee.empty_null.authorization.customizer;

import com.gitee.empty_null.authorization.handler.OAuth2AuthenticationFailureHandler;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver;

/**
 * @author xuhainan
 * @date 2024/1/16 14:10
 * @region hefei
 */
public class OAuth2ResourceServerConfigurerCustomizer implements Customizer<OAuth2ResourceServerConfigurer<HttpSecurity>> {

    private final JwtDecoder jwtDecoder;

    public OAuth2ResourceServerConfigurerCustomizer(JwtDecoder jwtDecoder) {
        this.jwtDecoder = jwtDecoder;
    }

    @Override
    public void customize(OAuth2ResourceServerConfigurer<HttpSecurity> configurer) {
        OAuth2AuthenticationFailureHandler failureHandler = new OAuth2AuthenticationFailureHandler();
        configurer.jwt(jwt -> jwt.decoder(this.jwtDecoder))
                .bearerTokenResolver(new DefaultBearerTokenResolver())
                .authenticationEntryPoint(failureHandler)
                .accessDeniedHandler(failureHandler);
    }


}
